<?
/* Create new object of class */
$ses_class = new session();

/* Change the save_handler to use the class functions */
session_set_save_handler (array(&$ses_class, '_open'),
                          array(&$ses_class, '_close'),
                          array(&$ses_class, '_read'),
                          array(&$ses_class, '_write'),
                          array(&$ses_class, '_destroy'),
                          array(&$ses_class, '_gc'));

if (isset($_REQUEST["sID"]))
{
	$sID = substr($_REQUEST["sID"], 3);
	$old_sid = substr($sID, 32);
		
	if ($sID != md5($old_sid . $_SERVER['REMOTE_ADDR']) . $old_sid)
	{
		header("Location: " . BASE_URL_NOSEG);
		exit;
	}
	session_id($old_sid);
}
/* Start the session */
session_start();

class session
{
    /* Define the mysql table you wish to use with
       this class, this table MUST exist. */
    var $ses_table = "sessions";

    /* Change to 'Y' if you want to connect to a db in
       the _open function */
    var $db_con = "N";
	
	var $db = false;
	
	function session()
	{
		global $db;
		$this->db = $db;		
	}

    /* Create a connection to a database */
    function db_connect() {
        /*$mysql_connect = @mysql_pconnect (MYSQL_SERVER, MYSQL_USER, MYSQL_SENHA);
        $mysql_db = @mysql_select_db (MYSQL_DB);

        if (!$mysql_connect || !$mysql_db) {
            return FALSE;
        } else {
            return TRUE;
        }*/
    }

    /* Open session, if you have your own db connection
       code, put it in here! */
    function _open($path, $name) {
        /*if ($this->db_con == "Y") {
            $this->db_connect();
        }*/

        return TRUE;
    }

    /* Close session */
    function _close() {
        /* This is used for a manual call of the
           session gc function */
        $this->_gc(0);
        return TRUE;
    }

    /* Read session data from database */
    function _read($ses_id) {
        $session_sql = "SELECT * FROM " . $this->ses_table
                     . " WHERE ses_id = '$ses_id'";
        //$session_res = @mysql_query($session_sql);
        $session_res = $this->db->Execute($session_sql);
        if (!$session_res) {
            return '';
        }

        //$session_num = @mysql_num_rows ($session_res);
        $session_num = $session_res->RecordCount();
        if ($session_num > 0) {
            //$session_row = mysql_fetch_assoc ($session_res);
            $session_row = $session_res->GetRowAssoc(0);
            $ses_data = $session_row["ses_value"];
            return $ses_data;
        } else {
            return '';
        }
    }

    /* Write new data to database */
    function _write($ses_id, $data) {
        $session_sql = "UPDATE " . $this->ses_table
                     . " SET ses_time='" . time()
                     . "', ses_value='$data' WHERE ses_id='$ses_id'";
        //$session_res = @mysql_query ($session_sql);
        $session_res = $this->db->Execute($session_sql);
        if (!$session_res) {
            return FALSE;
        }
        //if (mysql_affected_rows ()) {
        if ($this->db->Affected_Rows() > 0) {
            return TRUE;
        }

        $session_sql = "INSERT INTO " . $this->ses_table
                     . " (ses_id, ses_time, ses_start, ses_value)"
                     . " VALUES ('$ses_id', '" . time()
                     . "', '" . time() . "', '$data')";
        //$session_res = @mysql_query ($session_sql);
        $session_res = $this->db->Execute($session_sql);
        if (!$session_res) {    
            return FALSE;
        }         else {
            return TRUE;
        }
    }

    /* Destroy session record in database */
    function _destroy($ses_id) {
        $session_sql = "DELETE FROM " . $this->ses_table
                     . " WHERE ses_id = '$ses_id'";
        //$session_res = @mysql_query ($session_sql);
        $session_res = $this->db->Execute($session_sql);
        if (!$session_res) {
            return FALSE;
        }         else {
            return TRUE;
        }
    }

    /* Garbage collection, deletes old sessions */
    function _gc($life) {
        $ses_life = strtotime("-40 minutes");
		
		if (!ereg("/sas/", $_SERVER['PHP_SELF']))
		{
			$sql = "DELETE FROM cesta_item WHERE id_sessao IN (SELECT ses_id FROM " . $this->ses_table . " WHERE ses_time < $ses_life)";
			//db_query($sql);
			$this->db->Execute($sql);
		}
		
        $session_sql = "DELETE FROM " . $this->ses_table
                     . " WHERE ses_time < $ses_life";
        //$session_res = @mysql_query ($session_sql);
        $session_res = $this->db->Execute($session_sql);


        if (!$session_res) {
            return FALSE;
        }         else {
            return TRUE;
        }
    }
}
?>